VyprVPN introduces new firewall busting technology

Douglas Crawford

January 28, 2014

As we discuss in some detail elsewhere, the Great Firewall of China is the largest and most effective national censorship system in the world, although similar (if less far-reaching) systems also exist in places such as Turkey, Syria, and Iran. One thing that all such systems aim to do is block privacy technologies such as VPN and Tor, which are commonly used to bypass the firewalls put in place.

The Blocked in China Website only checks whether URLs are blocked, not VPN protocols. However, this demonstrates that the Chinese government is trying to prevent access to VPN technology

VyprVPN, run by global consortium (but based in the US) Golden Frog, today announced that it has developed a new proprietary VPN technology called Chameleon aimed at defeating such blocks.

‘Chameleon scrambles OpenVPN packet metadata to ensure it’s not recognizable via deep packet inspection, while still keeping it fast and lightweight. The Chameleon technology uses the unmodified OpenVPN 256-bit protocol for the underlying data encryption. The result is that VyprVPN users are able to bypass restrictive networks put in place by governments, corporations and ISPs to achieve an open internet experience without sacrificing the proven security for which OpenVPN has long been known.’

‘We actually tested DPI algorithms from several well known DPI vendors to reverse-engineer a proof of concept. After we engineered an initial solution, we deployed the server code worldwide and integrated the Chameleon technology into our Windows, Mac and Android apps so we could start beta testing. Beta testers in some of the most restrictive regimes in the world are currently using Chameleon to defeat a variety of DPI technologies.’

Youkabis explained that the technology was also useful for bypassing ISP throttling of encrypted traffic in less censored countries,

‘Unfortunately, users are reporting that ISPs are starting to identify VPN connections and throttle connection speeds. Internet users should not sacrifice speed to gain increased privacy and security.’

With this in mind the technology has been extensively tested in France and Germany, as well as in China, Iran, and Turkey.

All this sounds interesting, but we have some reservations. Unfortunately, because the technology is proprietary rather than open source, there is no way to verify its integrity, and the only information we have about the way it works is that is ‘randomizes’ metadata properties for the traffic, and is based on 256-bit SSL. Yokubaitis recognized the concern, stating that ‘transparency creates trust and we understand that’, but has been reluctant to make any commitments to making the source code open.

In addition to this, aside from being a US based company (and therefore subject to the Patriot Act, National Security letters, and other favorite tools of the NSA), VyprVPN keeps logs for 90 and does not use shared IP addresses, making it a poor choice if privacy is important.

Of course, those wishing to access the internet from China or Iran may not care about a US company keeping logs, and may find this technology invaluable.

Chameleon is available to users of VyprVPN’s Pro ($14.99/mo) and Premier ($19.99/mo) plans, and is compatible with Windows, OSX, and Android.